Use this guide to link the 1Password desktop app with the Zen Browser extension on Linux and macOS. The link gives biometric open for the extension and keeps the lock state in sync with the desktop app. Windows users rely on the extension alone, which works fine on its own. The default link fails because 1Password trusts only a short list of browsers, and Zen falls outside that list today.

The sections below explain why the link matters, what blocks the link, and how to enable the link in a safe and simple way.

What you get

The link removes extra password prompts and keeps focus on real work. A single open in the desktop app also opens the extension in Zen, which reduces friction during daily browsing. A single lock in the desktop app also locks the extension, which helps prevent mistakes when stepping away from the keyboard. Touch ID or another biometric on the desktop app also opens the extension, so no need to retype a long master password in the browser.

• Fewer prompts and fewer context switches during login flows.
• Shared open/lock state between desktop app and browser extension.
• Biometric support for the extension through the desktop app.

Why it fails

1Password ships with a list of "trusted browsers" that receive permission to talk to the desktop app. Zen Browser remains new and below the usage threshold that 1Password uses for that list, so no trust record exists yet. The extension in Zen still works alone, but no private bridge forms between the desktop app and the extension until Zen appears in the trusted list. Adding Zen to that list removes the block and allows a secure connection that passes account information and encryption keys between the two sides.

Before you start

Set up the 1Password desktop app and sign in to a regular account. Install the official 1Password extension in Zen from the standard source used for other browsers. Keep Administrator access ready for Linux changes, because a system folder stores a small allowlist for trusted browsers. Plan to quit and reopen both apps after changes, which clears stale state and forces a fresh handshake between desktop and extension.

Linux

On Linux, 1Password reads an allowlist from a text file named custom_allowed_browsers. Each line in that file holds one browser process name, and 1Password grants trust to any process that matches a line. Zen Browser uses a process name named zen-bin in common builds, so adding that name to the file gives the desktop app permission to form a private bridge to the extension. The change affects only trust decisions for the desktop bridge and does not weaken vault security or change account data.

Run this commands in a terminal, then reopen both apps:

sudo mkdir -p /etc/1password
sudo touch /etc/1password/custom_allowed_browsers
echo "zen-bin" | sudo tee -a /etc/1password/custom_allowed_browsers